amazon-fr.amzwzaxrs.info Open in urlscan Pro
111.90.146.172  Public Scan

35 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response amazon-fr.amzwzaxrs.info/	39 KB 39 KB	2096ms 1428ms	Document text/html	111.90.146.172 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://amazon-fr.amzwzaxrs.info/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.146.172 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash 0c157257f8d3f37eacf8869024b28c635f640906d9f1345cee03af537f649641 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 07 May 2024 10:18:47 GMT Keep-Alive timeout=5, max=100 Link <https://togelerbz.club/wp-json/>; rel="https://api.w.org/" Server Apache Transfer-Encoding chunked
GET H3	200	sticky-front.css togelerbz.club/wp-content/plugins/seos//css/	1 KB 852 B	74ms 29ms	Stylesheet text/css	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-content/plugins/seos//css/sticky-front.css?ver=4.9.25 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3a82ed2a2408a7388e3d86b45f3b6c844090adee75cae39ec5a48bb0c187c9b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Sun, 07 Jan 2024 21:00:47 GMT server cloudflare etag W/"418-60e616016fdc0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRc85CIpKz%2F7PvOEWn3XBywPNVZEZfLoxRnrzI%2BAtHE0F%2F2qJvhyKJOKALU9nqZBMNqJBiecZDc%2FUQ3GXziS2ROgVY%2FEMJs68vVHdB0Kdfn0ZKZRNLGnwTZba8vJIL3RaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=14400 cf-ray 880077defd459eb1-CDG
GET H2	200	css fonts.googleapis.com/	1 KB 902 B	107ms 39ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Caveat&display=swap&ver=4.9.25 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7dab6cb48c6727f810dff85fbeb4406881c0a74c46cef47750c80e60217155dd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 10:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 10:15:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 10:18:50 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 752 B	108ms 41ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C700&subset=latin%2Clatin-ext&ver=0.0.1 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 10:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 10:18:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 10:18:50 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 700 B	116ms 49ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ceedb9668900ddaf66838e83a88512c47209c7ff4c3c0cf2b23a06870107e8e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 10:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 09:12:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 10:18:50 GMT
GET H3	200	font-awesome.min.css togelerbz.club/wp-content/themes/Fashify/assets/css/	30 KB 7 KB	72ms 30ms	Stylesheet text/css	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-content/themes/Fashify/assets/css/font-awesome.min.css?ver=4.5 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Sun, 19 Apr 2020 18:15:41 GMT server cloudflare etag W/"7917-5a3a8c5262d40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2h2HH8tUP9SbZy9EhfXoVP2bPdLW578x5pkv35t4OjfDUs9XbDT%2BLmkfMSG4DA63iSULurrbqG4Pd1Bt3rmxq7IVbw%2FpITBqN9ruvUko4k1iI6a%2Fj1lu3NAw6Vh5%2FeVnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=14400 cf-ray 880077defd469eb1-CDG
GET H3	200	style.css togelerbz.club/wp-content/themes/Fashify/	34 KB 8 KB	82ms 40ms	Stylesheet text/css	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-content/themes/Fashify/style.css?ver=4.9.25 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1478326382ca08196df1d954f8fda2b1c9ffb061b96afaa9b4a94c3880659e8e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Sun, 19 Apr 2020 18:15:42 GMT server cloudflare etag W/"8935-5a3a8c5356f80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTAxwt7y8jJNsNhU9WBhxEPFh4N4nXXASAa5C3%2BGNQF6mBDd7fB9tufza28GXep0TU4QJ6Lc7SAiTBRqz0SJjy7z7BQtl0%2FtC802%2Fh0tqCWcWjk5wfNsz%2FtBCspvpD%2FD5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=14400 cf-ray 880077defd449eb1-CDG
GET H3	200	jquery.js Show response togelerbz.club/wp-includes/js/jquery/	95 KB 35 KB	91ms 50ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Wed, 04 Sep 2019 21:45:33 GMT server cloudflare etag W/"17a6a-591c11fdf5940" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfnYo1qZzXxUY1U8qAGm56pw8bp8OyM5hLCbN7ZrmKVVUZmgG9M2AfmwaegMiLmDnHmPxVoNJZOz1UbXf8Emm7RL4hasq28W9i8Vd3tdrCUIF3Zmmg43QQTSYitzuNdlcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077defd419eb1-CDG
GET H3	200	jquery-migrate.min.js Show response togelerbz.club/wp-includes/js/jquery/	10 KB 4 KB	71ms 30ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 20 May 2016 06:11:28 GMT server cloudflare etag W/"2748-5333ff613c400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkDUcEn8cON5vesvEBOWurkjD5w8BDhl6qMWTPvMyvtKM8qqueBcPXjk0%2B7QLc%2F%2FWo2P067tXt8MM9SrbHDhKVUly4S3vzuX%2B0H%2FnMej5atMnErVLlspP94cr7p7Mt0mAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077defd439eb1-CDG
GET H3	200	wp-emoji-release.min.js Show response togelerbz.club/wp-includes/js/	12 KB 5 KB	30ms 28ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-includes/js/wp-emoji-release.min.js?ver=4.9.25 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5860 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Feb 2021 04:07:43 GMT server cloudflare etag W/"2ea7-5ba8ef63f01c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pH3Fz4mvAMM08JO1nKB92psdztzjGdhKWex8zt3vLZsCn%2B74uWnBrQ4mkx7EQXWH4Q6nOTkC8NpcunSn%2B0wlNshGksbUfK1jVM%2FVlu10MngA7tE4%2Bw4srMcJdx7TBzQWFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077df6d889eb1-CDG
GET H2	200	ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2 fonts.gstatic.com/s/notoserif/v23/	42 KB 43 KB	96ms 28ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C700&subset=latin%2Clatin-ext&ver=0.0.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://amazon-fr.amzwzaxrs.info Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 21:23:17 GMT x-content-type-options nosniff age 46533 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43212 x-xss-protection 0 last-modified Tue, 24 Oct 2023 00:59:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 06 May 2025 21:23:17 GMT
GET H3	200	juragan.gif erakini.net/wp-content/uploads/2024/04/	2 MB 2 MB	73ms 29ms	Image image/gif	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://erakini.net/wp-content/uploads/2024/04/juragan.gif Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93c363e87215aec723aa31c1bc5cde1514bf8c8e732751dfe0fb5ae1996ed4c5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 970648 alt-svc h3=":443"; ma=86400 content-length 2455226 referrer-policy no-referrer-when-downgrade last-modified Tue, 09 Apr 2024 02:59:56 GMT server cloudflare etag "2576ba-6614af2c-0;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KH7tm7lXahQERhqEerhcVLF%2FHB21dvkrXRG5nCpBuBQGWsq1aqNUn6DhDE7NY9y2ipgwgfA%2FRxWKBXQ0RR%2B15cUQyGBg2IbIJ0CVr8xYxIOhVScATkm17n3c8oacwg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 880077e0bca92a71-CDG expires Sat, 26 Apr 2025 04:41:22 GMT
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 fonts.gstatic.com/s/librefranklin/v14/	28 KB 28 KB	34ms 33ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://amazon-fr.amzwzaxrs.info Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 07:47:56 GMT x-content-type-options nosniff age 9054 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28224 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:23:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 07:47:56 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	109ms 33ms	Script text/javascript	2606:4700:10::6814:4373 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:44:16 GMT server cloudflare age 60687 etag "-375139978" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 880077e2cb930053-CDG content-length 4547
GET H3	200	navigation.js Show response togelerbz.club/wp-content/themes/Fashify/assets/js/	2 KB 1 KB	29ms 28ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-content/themes/Fashify/assets/js/navigation.js?ver=20151215 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5861 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Sun, 19 Apr 2020 18:15:41 GMT server cloudflare etag W/"900-5a3a8c5262d40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huRm%2B33LgdEoREUWJMlnN5Dc1kKoAbNfmzkexVgPJPcaOR%2BZWl5EYsv03uv9m9rxo9M5yw5Mj9RFv66pTWJ0NC5WZAsCewoGE1rKxUysvrEVd5FMzenzY6NcetEbm7x3sQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077e25fd49eb1-CDG
GET H3	200	skip-link-focus-fix.js Show response togelerbz.club/wp-content/themes/Fashify/assets/js/	880 B 959 B	30ms 29ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-content/themes/Fashify/assets/js/skip-link-focus-fix.js?ver=20151215 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5860 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Sun, 19 Apr 2020 18:15:41 GMT server cloudflare etag W/"370-5a3a8c5262d40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGjvZ4kFQX%2F5HGpecpOapaSYyKNXfdEsqgKBHq0DWWw6bYuu6KhQYfzHKJfOPTBpDU95cTQdtNiy7sGYNhGvNw5XmvNN5srSFRluZkNpba9kT%2BMbjtZ8I%2FLK%2FB7TDPPrfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077e25fd59eb1-CDG
GET H3	200	wp-embed.min.js Show response togelerbz.club/wp-includes/js/	1 KB 1 KB	30ms 29ms	Script application/x-javascript	172.67.155.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://togelerbz.club/wp-includes/js/wp-embed.min.js?ver=4.9.25 Requested by Host: amazon-fr.amzwzaxrs.info URL: https://amazon-fr.amzwzaxrs.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.155.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5860 alt-svc h3=":443"; ma=86400 pragma public referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 15:54:27 GMT server cloudflare etag W/"5a3-5fbd19601f2c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsY5BaQfwYHvyV21qYLHCYq1hS7tLGvTcN%2FnP%2FrSvdKMMZs6fiGPl%2FOwuxc%2F17YK5x5YytbdtqrCW3Ce3KIVc66X3nIBaTKE5l3q1J34ezgNkXCfhrExj%2FTnaLaabqdohg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=14400 cf-ray 880077e25fd79eb1-CDG
GET H/1.1	200 OK	4373115.php Show response s4.histats.com/stats/	96 B 230 B	302ms 97ms	Script text/html	54.39.128.117 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/4373115.php?4373115&@f16&@g1&@h1&@i1&@j1715077130714&@k0&@l1&@mTOGELERSBZ%20%E2%80%93%20PREDIKSI%20TOGEL%20HONGKONG%2C%20TOGEL%20SINGAPORE%2C%20TOGEL%20SYDNEY%2C%20TOGEL%20TAIWAN%2C%20TOGEL%20BULLSEYE%2C%20TOGEL%20PCSO%2C%20TOGEL%20CAMBODIA%2C%20TOGEL%20TAIPEI%2C%20DATA%20KELUARAN%20TOGEL&@n0&@o1000&@q0&@r0&@s430&@tfr-FR&@u1600&@b1:-1039041&@b3:1715077131&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Famazon-fr.amzwzaxrs.info%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns561935.ip-54-39-128.net Software / Resource Hash 063e5949d49ccb04239c35c1b05a01db636041e093cc79a98800b1da6a4c8555 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 07 May 2024 10:18:42 GMT Connection close Content-Length 96 Content-Type text/html;charset=UTF-8
GET H2	200	cc_430.js Show response s10.histats.com/counters/	18 KB 8 KB	34ms 34ms	Script text/javascript	2606:4700:10::6814:4373 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/counters/cc_430.js Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f17d0f6ccba0db529a9314ef356a5c750b91142f1205904b28f2704b01ef45e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 10:18:51 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:45:32 GMT server cloudflare age 60716 etag "-795091056" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 880077e4fd540053-CDG content-length 7614
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 97c2f309de7a237b4f2a1bef3c48d41f37ba7d32a1660ad28c40d325c8266753 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	favicon.ico amazon-fr.amzwzaxrs.info/	0 200 B	376ms 376ms	Other image/vnd.microsoft.icon	111.90.146.172 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://amazon-fr.amzwzaxrs.info/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.146.172 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amazon-fr.amzwzaxrs.info/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 07 May 2024 10:18:50 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type image/vnd.microsoft.icon

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| twemoji object| wp object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_430_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_430 function| histats_canvascounters_base.js

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstCfa4373115 Value: 1715077130714
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstCla4373115 Value: 1715077130714
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstCmu4373115 Value: 1715077130714
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstPn4373115 Value: 1
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstPt4373115 Value: 1
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstCnv4373115 Value: 1
			amazon-fr.amzwzaxrs.info/	1970-01-21 05:10:13	Name: HstCns4373115 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-fr.amzwzaxrs.info
erakini.net
fonts.googleapis.com
fonts.gstatic.com
s10.histats.com
s4.histats.com
togelerbz.club
111.90.146.172
172.67.155.12
188.114.97.3
2606:4700:10::6814:4373
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
54.39.128.117
063e5949d49ccb04239c35c1b05a01db636041e093cc79a98800b1da6a4c8555
0c157257f8d3f37eacf8869024b28c635f640906d9f1345cee03af537f649641
0f17d0f6ccba0db529a9314ef356a5c750b91142f1205904b28f2704b01ef45e
1478326382ca08196df1d954f8fda2b1c9ffb061b96afaa9b4a94c3880659e8e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
7dab6cb48c6727f810dff85fbeb4406881c0a74c46cef47750c80e60217155dd
93c363e87215aec723aa31c1bc5cde1514bf8c8e732751dfe0fb5ae1996ed4c5
97c2f309de7a237b4f2a1bef3c48d41f37ba7d32a1660ad28c40d325c8266753
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347
b3a82ed2a2408a7388e3d86b45f3b6c844090adee75cae39ec5a48bb0c187c9b
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
ceedb9668900ddaf66838e83a88512c47209c7ff4c3c0cf2b23a06870107e8e6
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6